Islamic bank licensees must implement sound processes of risk identification, measurement, mitigation, monitoring, reporting and control. This process requires the implementation of appropriate policies, limits, procedures and effective management information system (MIS) for internal risk reporting and decision-making that are commensurate with the scope, complexity and nature of the Islamic bank licensee's activities.